October 2013

Global News Roundup

While much of the news was focused on the EU Data Protection Regulation this week, a few other things of note happened in the legal realm as well. For example, the EU Parliament adopted a resolution to suspend SWIFT based on allegations that the U.S. NSA had access to EU citizen’s bank data; the FTC reached a settlement with Aaron’s, Inc., over the company’s consumer spying regime, and in Ecuador there are concerns that a new penal code could violate citizens’ online privacy. These are just a few of the stories—in addition to information on the LIBE vote and the future of Safe Harbor and the EU regulation—in this week’s Privacy Tracker legislative roundup.

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.
IAPP Westin Research Center

Treacherous Waters: What the World Would Look Like Without Safe Harbor

By Kelsey Finch, IAPP Westin Research Fellow

Since the revelation of the NSA’s mass e-surveillance program in June, and in conjunction with the progress of the new General Data Protection Regulation (GDPR) in Brussels, European institutions have been actively reconsidering the terms on which personal data is permitted to cross European borders. One proposal, which has raised a ripple effect of concern through the industry, includes...

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.

Global News Roundup

This week’s Privacy Tracker legislative roundup highlights changing privacy laws from the U.S. to Bahrain. Revisions to the U.S. Telephone Consumer Protection Act went into effect last week; the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs will vote today on amendments to the proposed regulation and directive—including one that would see U.S. companies seeking permission from EU officials before complying with government access requests to EU data, and the Bahrain cabinet has preliminarily approved a data protection law. Meanwhile, the UK Information Commissioner’s Office is considering jail time for breaches at the same time as justifying its fining practices.

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.

The LIBE Vote on EU Data Protection: What, Exactly, Happens on Monday?

By Emily Leach, CIPP/US

The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) has scheduled votes on the reports on the revised data protection regulation and directive for Monday in Strasbourg. This post notes outlines the steps that come after Monday’s vote in order to create a new data protection law in the EU and offers insight into what EU privacy pros are saying about the likely outcome.

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.

TCPA Changes: An Interview with Yaron Dori

Changes that the Federal Communications Commission (FCC) made to the Telephone Consumer Protection Act (TCPA) go into effect today. The changes are intended to bring the TCPA into line with the Federal Trade Commission’s (FTC’s) Telemarketing Consumer Fraud and Abuse Prevention Act. However, the FCC added new requirements for text messaging in TCPA. In this Privacy Tracker exclusive interview, find out from TCPA expert Yaron Dori, partner at Covington & Burling, what these changes mean for your organization and its practices, and hear advice on how best to comply.

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.

Protecting Student Data at the State Level: A Proposal for CPOs in DoEs

By Sheila Kaplan

Last year, Fairfax County, Virginia, Public Schools discovered that the names, ID numbers, grades and other information for students in grades nine through 11 had been posted online. The school district was forced to go to federal court to get the website posting the information to remove it from the site. In the meantime, the private information of more than 2,000 students was available online...

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.

One State, Two Cases, Dramatically Different Outcomes

By Lindsey Partridge, CIPP/US

Two public entities, the Department of Natural Resources (DNR) and the Rock County Office of Child Support Enforcement—both with snooping employees and both facing class-actions by victims to recoup losses. So why was there a $2 million discrepancy in their outcomes?

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.
IAPP Westin Research Center

New TCPA Rules: Steep Compliance Challenge Effective Next Week

By Kelsey Finch, IAPP Westin Research Fellow

On October 16, 2013, new Federal Communications Commission (FCC) rules regarding promotional calls and text messages take effect. These regulations amend the Telephone Consumer Protection Act (TCPA) and bring the FCC’s notice requirements into conformity with the FTC’s prior express written consent standards under the Telephone Consumer Fraud and Abuse Prevention Act (TCFAP). Although these...

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.
IAPP Westin Research Center

What Do the New Disclosure Requirements Under CalOPPA Mean for Your Business?

By Dennis Holmes, IAPP Westin Research Fellow

On Friday, September 27, Governor Jerry Brown signed into law California Assembly Bill 370 (A.B. 370), which amends the California Online Privacy Protection Act  (CalOPPA) requiring businesses to disclose how they respond to Do Not Track (DNT) signals. The new law, which is the first to officially address the DNT mechanism endorsed by the Federal Trade Commission and debated by industry, presents...

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.

global News Roundup

While U.S. regulators mull over the need for rules surrounding drone use by law enforcement, Montana’s new gun owner healthcare privacy law went into effect and California continues to shape privacy law moving toward a “presumption of harm” in breach cases, but one op-ed claims its “revenge porn” law doesn’t do enough. A Zimbabwean law established a central SIM card database, and Australia’s information commissioner has released a best practice guide for app developers. This weekly roundup offers information on all these issues and more, including what regulators had to say at both the IAPP Privacy Academy and the 35th International Conference of Data Protection and Privacy Commissioners.

You may need to be an IAPP member and be logged in to read the full article.
Log in now or click here to learn more about IAPP membership.